EMT Practice Test

1. Question Content...


Question List

Question1: A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?

Question2: After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator trying to protect?

Question3: A client demands at least 99.99% uptime from a service provider's hosted security services. Which of the following documents includes the information the service provider should return to the client?

Question4: Which of the following is themostlikely outcome if a large bank fails an internal PCI DSS compliance assessment?

Question5: Which of the following automation use cases would best enhance the security posture of an organization by rapidly updating permissions when employees leave a company?

Question6: A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?

Question7: The management team notices that new accounts that are set up manually do not always have correct access or permissions.
Which of the following automation techniques should a systems administrator use to streamline account creation?

Question8: A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods ismostsecure?

Question9: An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. Which of the following types of infections is present on the systems?

Question10: The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?

Question11: Which of the following enables the use of an input field to run commands that can view or manipulate data?

Question12: You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and then deny each remaining hosts clean or infected.






Question13: Which of the following tools can assist with detecting an employee who has accidentally emailed a file containing a customer's PII?

Question14: An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system.
Which of the following best describes the actions taken by the organization?

Question15: Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

Question16: A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies.
Which of the following is the most important consideration during development?

Question17: An enterprise has been experiencing attacks focused on exploiting vulnerabilities in older browser versions with well-known exploits. Which of the following security solutions should be configured to best provide the ability to monitor and block these known signature-based attacks?

Question18: A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work. Which of the following is thebestoption?

Question19: An administrator discovers that some files on a database server were recently encrypted. The administrator sees from the security logs that the data was last accessed by a domain user. Which of the following best describes the type of attack that occurred?

Question20: Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?

Question21: A company prevented direct access from the database administrators' workstations to the network segment that contains database servers. Which of the following should a database administrator use to access the database servers?

Question22: A company is discarding a classified storage array and hires an outside vendor to complete the disposal.
Which of the following should the company request from the vendor?

Question23: A company's marketing department collects, modifies, and stores sensitive customer data. The infrastructure team is responsible for securing the data while in transit and at rest. Which of the following data roles describes the customer?

Question24: Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

Question25: A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file's creator. Which of the following actions would most likely give the security analyst the information required?

Question26: Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?

Question27: A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?

Question28: A security administrator would like to protect data on employees' laptops. Which of the following encryption techniques should the security administrator use?

Question29: Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?

Question30: Which of the following would be thebestway to block unknown programs from executing?

Question31: Which of the following exercises should an organization use to improve its incident response process?

Question32: A data administrator is configuring authentication for a SaaS application and would like to reduce the number of credentials employees need to maintain. The company prefers to use domain credentials to access new SaaS applications. Which of the following methods would allow this functionality?

Question33: Which of the following is a hardware-specific vulnerability?

Question34: One of a company's vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?

Question35: A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

Question36: A hacker gained access to a system via a phishing attempt that was a direct result of a user clicking a suspicious link. The link laterally deployed ransomware, which laid dormant for multiple weeks, across the network. Which of the following would have mitigated the spread?

Question37: A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS severs, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

Question38: A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider.
Which of the following is a risk in the new system?

Question39: Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

Question40: Which of the following is aprimarysecurity concern for a company setting up a BYOD program?

Question41: A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks.
SIEM alerts have not yet been configured. Which of the followingbestdescribes what the security analyst should do to identify this behavior?

Question42: An enterprise is trying to limit outbound DNS traffic originating from its internal network. Outbound DNS requests will only be allowed from one device with the IP address 10.50.10.25. Which of the following firewall ACLs will accomplish this goal?

Question43: A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?

Question44: Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?

Question45: During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?

Question46: Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?

Question47: Which of the following is the best reason to complete an audit in a banking environment?

Question48: A security analyst is reviewing the following logs:

Which of the following attacks ismostlikely occurring?

Question49: Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?

Question50: Which of the following can best protect against an employee inadvertently installing malware on a company system?

Question51: Users at a company are reporting they are unable to access the URL for a new retail website because it is flagged as gambling and is being blocked.
Which of the following changes would allow users to access the site?

Question52: Which of the following security control types does an acceptable use policybestrepresent?

Question53: A software development manager wants to ensure the authenticity of the code created by the company. Which of the following options is themostappropriate?

Question54: An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?

Question55: An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a "page not found" error message.
Which of the following types of social engineering attacks occurred?

Question56: Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?

Question57: An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device.
Which of the followingbestdescribes the user's activity?

Question58: A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the followingbestdescribes this step?

Question59: Which of the following should a systems administrator use to ensure an easy deployment of resources within the cloud provider?

Question60: After reviewing the following vulnerability scanning report:
Server:192.168.14.6
Service: Telnet
Port: 23 Protocol: TCP
Status: Open Severity: High
Vulnerability: Use of an insecure network protocol
A security analyst performs the following test:
nmap -p 23 192.168.14.6 -script telnet-encryption
PORT STATE SERVICE REASON
23/tcp open telnet syn-ack
I telnet encryption:
| _ Telnet server supports encryption
Which of the following would the security analyst conclude for this reported vulnerability?

Question61: Which of the following vulnerabilities is associated with installing software outside of a manufacturer's approved software repository?

Question62: A technician needs to apply a high-priority patch to a production system. Which of the following steps should be takenfirst?

Question63: Which of the following is themostlikely to be included as an element of communication in a security awareness program?